Symantec, one of the largest software antivirus companies in the world, revealed in its latest monthly report that global spam levels were down, although it still accounts for some 78.6% of all email traffic sent. And that’s the lowest since March 2009 when the rate had dropped to 75.7%.

The drop, says Symantec, was due mainly to three botnets – Lethic, Rustock and Xarvester – stopping operations and disagreement amongst a number of pharmaceutical spam-sending gangs.

A senior analyst at Symantec said:
“The closure of spam affiliate, Spamit, was partially responsible for the disruption to spam output. However, there are likely other factors at work, such as consolidation and restructuring of pharmaceutical spam operations which has led to instability in the market likely to be exploited as a business opportunity by other spam gangs. We expect to see more pharmaceutical spam in 2011 as new pharmaceutical spam brands emerge and botnets compete for their business.”

Botnets are hugely important when it comes to spamming and its reckoned that they were responsible for much of the spam circulating the globe. Indeed Rustock accounted for nearly half of all spam sent and on day alone, might have sent in the region of 44 billion spam emails. This gives it the distinction of being the single largest spam-sending botnet.

The Symantec analyst said about Rustock:
“At various points during Rustock’s history, the botnet has often exhibited irregular spamming patterns by sending huge volumes of spam before going quiet for several weeks at a time. But throughout 2010, its spamming pattern was more regular and it had been active non-stop until December 2010. Our investigation revealed no evidence of Rustock being disrupted in any way either by law enforcement or through other action.”

The bad news is though, that Rustock has resumed spamming – although not at its previous levels – and the Bagle botnet has taken over where the others left off, accounting for 20% of all spam emails; a figure which is growing.

Other parts of the report show that the number of email borne viruses is down as well, with one in 364.8 contained a virus, which equates to 0.274% and compares with the previous figure of 0.3%. And phishing slightly increased, with one in 409.7 emails explaining a get quick rich scheme.

Which goes to show that the need for software antivirus programmes has not at all lessened.

Guest Article by Neil Camp 

The developers of Norton – which many independent testers have labelled one of the best antivirus software products – believe that whereas five years ago there were around two attacks per day in 2005,it reckons there are over 70 attacks per day now.

Targeted attacks are where cybercriminals such as phishers launch a particular attack against an organisation en masse, trying to break down its defences and secure a breach in the computer defences.

In October, the retail sector has been particularly hit and up to 25% of all attacks were targeted in their direction (over 500 separate incidents)..

Spear phishing attacks are the most common form of assault and its believed that one in 1.26 million emails were sent as a targeted attack.

Each month, it is thought that between 200 and 300 individual organisations are targeted. And often it’s the same people within the organisations that are being targeted, but different exploit models are used, varying the attack.

A senior analyst at Symantec, Paul Wood, said:
“While targeted emails by nature are sent in low volumes, they are one of the most damaging types of malicious attacks. We have seen a constant influx of targeted attacks over the past six months with the type of organization targeted changing on a monthly basis and the number of targeted users increasing each month. Although the number of unique attack exploits being deployed has diminished slightly, the number of attacks used by each exploit has increased.”

Mr Wood went onto say that:
“Of the 516 attacks, only six organizations were the intended targets but two of them were mainly targeted one of which was the target of 63 percent of the 516 attacks. The spear phishing attacks, launched in three waves each one week apart, used social engineering techniques to distribute legitimate-looking emails from HR and IT staff of the targeted organization but in actuality contained malicious attachments.”

“Examination of the attacks’ timing and techniques suggests a methodical approach on behalf of the attackers. In the case that the recipient clicked on any of the three malicious attachments, a backdoor Trojan would have been installed onto the computer with the potential for the attacker to gain access to any sensitive personal information or valuable corporate data on the machine.”

The report also highlighted a number of other issues.

As regards spam in October, the amount of spam emails in legitimate emails was one in 1.4 (representing nearly 88%), but a decrease over September by nearly 5%.

Regarding viruses, the number of ‘nasties’ born by emails was one email in 221.9 (some 0.45%). This was again slightly lower compared to September.

As to the where the viruses ‘pointed’, a total of 15.5% linked to malicious websites, a significant increase of nearly 16% over September.

Endpoint threats (those which are directed as such devices as PCs, laptops and servers), it was revealed that the Trojan most blocked during October was the Sality.AE virus. This infects executable files and tries to download malicious files from the internet into people’s systems.

Phishing slowed slightly in October according to the Symantec report, with one in 488 emails an attack email (a very slightly reduction from September).

In terms of geography, the report provides some chilling statistics, including the slightly odd fact that the tiny state of Luxembourg was the most spammed in October, recording a spam rate of 94.9%. Mind you, the US, Canada and the UK were not far behind, recording spam levels of 91.6%, 91.3% and 91.1% respectively.

The UK had the dubious distinction of having more emails containing malware than anyone else, with one in 127.1 emails being sent with nasty attachments.

As regards individual sectors, the most spammed industry was automobile (93.5%), with education the next highest at 92.1%.

And the sector most targeted with email is Government/Public with an embarrassing one in 43.2 emails containing malware. Compare that with the IT sector which saw one in 224.4 emails.

It looks like Symantec, which produces one of the best antivirus software tools that individual users and companies can use, certainly has its work cut out.

Guest Article by Neil Camp 

The statement comes from Symantec, the makers of the Norton range of IT security products, who discovered that a whopping 87% of people thought they were safer online via their desktops, rather than surfing on their mobiles.

Ironically, the study went on to find that less than half of those using their PCs to go online, were not fully protected. Nearly 60% claimed to Symantec that they believed that their PC was running a complete security software application, but when the company did a scan to check, they discovered only 37% were in fact fully protected.

Michael Kaiser, National Cyber Security Alliance (NCSA) Executive Director, said:
“We’re encouraged that more Americans feel safe going online from their home computers. We need to ensure that this is not a false sense of security and that a feeling of safety does not lead to complacency. Americans need to remain vigilant and be sure that all Web connected hardware has the proper security tools installed and is up-to-date. In addition, the use of sound judgment and common sense online is necessary to protect personal information and reduce the loss of important data.”

What’s more, Symantec went on to discover that US citizens are increasingly embracing the digital and computerized world. It’s discovered that over half Americans now have between two to three computers at home, with nearly 75% owning a laptop, or netbook.

Furthermore, just over 30% say that nowadays, their laptop, or netbook is their main computer; a trend which sees the desktop becoming less important than it was. And with an ever increasing amount of web-enabled devices being introduced onto the market, Americans now have a vast choice of internet ready devices at home, school, work and the environment in general.

Marian Merritt, an Advocate for Norton Internet Safety, said:
“Computer users can run into online threats regardless of where they might be connected and what device they’re using. However, on a Wi-Fi network, there are other risks consumers can run into, like ‘evil twin’ networks that trick people into connecting to unknown networks, giving cybercriminals access to their computer and its contents. Consumers should ensure they’re connecting to a legitimate network, using the access keys or portal given to them by the Wi-Fi provider.”

Food for thought for anyone wishing to compare antivirus software.

Guest Article by Neil Camp 

The Symantec Corporation MessageLabs Intelligence Report for September 2010 is one of the biggest antivirus reviews, and its publications are keenly noted by antivirus companies and users alike.

The highlight of this particular report revealed that 35% of workers using the MessageLabs Hosted Web Security Service triggered web site blocks when on the road more often than they did in the office. These web site blocks come about when a webpage is visited that infringe corporate policy, and emphasise the need to create acceptable use policies within the work place so that employees do not visit sites that are illegal, harmful, or offensive.

Whilst adult or sexually explicit websites were revealed to be more likely visited in the workplace, it was those working away from the office that were 5.4 more likely to trigger website blocks. These blocks included personals and dating categories, as well as shopping and search engines.

Paul Wood, MessageLabs Intelligence Senior Analyst explains: “In general, more policy blocks overall are triggered by workers when they are out of the office, indicating rather intuitively that users are more compliant with usage policies when in the office. More than one-third of workers that are both remote and desk-based trigger a greater number of policy blocks when they are out of the office perhaps taking the opportunity to visit a greater variety of websites than they would when at their desks.”

Attacks on emails in the work place were also highlighted in the research; the ‘Here You Have’ virus swept email servers by using social engineering. This is a long-standing way of proliferating a virus, which uses genuine email addresses to send the virus to the email users’ addressees. The recipients assume that the email is safe as it comes from a friend or colleague, and are then vulnerable to opening the email and having the virus downloaded onto their computer.

As with every report, MessageLabs Intelligence also underlined other statistics from their findings. With regards to spam, email traffic from new and unknown source was 91.9% in September 2010; this is a drop in 0.3% since August. Another decrease was that of 0.01% in phishing activity since August.

The geographical trends were also investigated. Once again, Hungary lingered at the top of the list of countries that receive the most spam, although this had dropped by 0.3% from August, now standing at a spam rate of 96%. South Africa was revealed to be the country most targeted by malware found in emails; in September, 1 in 99.2 emails were detected and blocked for being malicious.

With its in depth analysis, the Symantec Corporation MessageLabs Intelligence Report is one of the most thorough antivirus reviews in the business, and helps to keep Norton (as well as other companies) antivirus software ahead of the game.

Guest Article by Neil Camp

Claiming to be the best anti virus software in an increasingly crowded marketplace is quite a call, but Symantec, the company behind the Norton range of products, believe they are onto a winner with the 2011 line-up.

They highlighted the product’s launch with news that they reckon that some 65% of people worldwide are falling prey to cybercrime. They also focus on the fact that the just released Norton AntiVirus and Norton Internet Security 2011 is the only comparable application to achieve a 100% protection score.

The score was achieved using a third-party test from Dennis Labs.

Norton AntiVirus and Norton Internet Security 2011 also comes with a free tool, the Norton Power Eraser, which has been developed to handle ‘scareware’ applications. These are becoming an increasing problem for many users (they pop-up on users’ computers and declare that the machine is virus ridden) and a tool that can attack them aggressively and eliminate their malicious intent, will be welcomed by many in the market.

President of the Consumer Business Unit at Symantec, Janice Chaffin, said:
“Today’s cybercriminals are not standing down – consumers need the very best protection to stay safe online. The Norton 2011 products are the highest quality we have ever built and the most comprehensive protection on the market with additional, value-added tools for protecting customers from today’s ever-evolving threats.”

Symantec claim that Norton AntiVirus and Norton Internet Security 2011 is packed full of new features, performance improvements and enhancements, and free tools.

It has also undergone extensive stress testing by Dennis Labs, which has had its security testing methodology revived by AMTSO, the Anti-Malware Testing Standards Organization.

The key components of the new Norton product are as follows.

Taking the lead is Reputation Based Security. This checks whether a particular download is risky (comparing it to the downloads undertaken from its near 60 million user customer base) and whether the programme is likely to contain malware. The check is almost instant, which prevents users from getting trapped.

Next up is the System Insight 2.0. At the core of this feature are Proactive Performance Alerts and these constantly monitor all running applications, recognising when a particular programme is hogging the machine’s resources.

Moving along and attention switches to the Download Insight 2.0. Symantec claim that this provides the best, and most fearsome, reputation-based protection system. It checks every download before they are allowed to operate on the computer.

SONAR 3 –as the name might suggest – adds the spice of behavioural security, which gets to the nitty gritty with ‘zero-day’ protection against emerging threats. And it takes any confusion away from the user as it automatically makes the key decisions.

Last, but not least, is the dependable Norton Bootable Recovery Tool. This is useful if a machine becomes seriously compromised and needs to boot up in a safe mode so that a cleansing operation can take place.

Performance is said to be industry leading and previous users will see a smart new look.

Is it the best anti virus to date? Only time will tell, but given the ever increasingly online threats, it does need to be pretty good.

Guest Article by Neil Camp